When it comes to enterprise computing, the world looks different today than it did even a few months ago. It used to be that corporate IT environments were largely confined within the network’s perimeter and could be protected using strategies that focused on keeping threats out.
Now, however, computing environments have expanded to include multiple online platforms connecting the business to its customers, suppliers, vendors and partners, as well as the broader Internet and a rich variety of software-as-a-service (SaaS) applications. In fact, if your company is a larger enterprise, it’s likely that employees are using more than a thousand SaaS apps on a regular basis.
With the recent push for rapid expansion of the remote workforce, cloud adoption has been further accelerated. Many companies began their remote workforce journey setting up new cloud platforms and services on the fly, first seeking to enable employees to meet critical productivity requirements for file sharing, communication, and collaboration. Considering security came afterwards, sometimes by implementing temporary fixes.
But short-term solutions aren’t necessarily best for a business’ agility, flexibility or scalability in the future. Securing cloud-first and multicloud computing environments is necessarily different from securing yesterday’s IT systems, which were predominantly on-premises and owned by the organization.
A future-focused security strategy should seek to enforce unified policies across both on-premises solutions and cloud services, with the goal of maintaining alignment and consistency. It should eschew organizational silos that make it difficult to merge cloud data security and on-premises data security solutions. It also prioritizes meaningful visibility and control, keeping a sharp eye on devices and applications that your employees are actually using—and that they’ll continue to use in the weeks and months to come.
Developing a future-focused security strategy demands a human-centric approach. This includes educating employees on best practices for handling sensitive data, and establishing guidelines around personal device use, unsanctioned applications, and non-corporate instances of cloud apps. It can also involve solutions like a Cloud Access Security Broker (CASB) or Data Loss Prevention (DLP) that can enforce policies automatically across your entire environment.
Main things to think about are:
- Increasing visibility
- Remaining flexible and agile
- Integrating on-premises and cloud security solutions
In th rest of this post, I will focus on the first point and cover the rest in part 2 (coming soon).
Increasing visibility; you cannot secure what you can’t see.
One potential drawback to accelerated cloud adoption is that employees may be subscribing to new SaaS applications faster than your security team can keep track of. Another challenge may be employees’ desire to use personal devices (BYOD, whether this is a laptop computer at home, or a tablet or mobile device in the office or on the road) to access sensitive corporate data. A third issue is the possible transfer of protected data from corporate to personal instances of SaaS applications.
In all these cases, your security organization must decide if it will permit personal device use over the long term. If so, how will you protect sensitive data stored on these devices? Will you permit employees to use unsanctioned applications or personal instances of apps? If not, how will you enforce this policy?
The specific guidelines your organization establishes—for the short and long term—depend on what makes the most sense for your employees and their preferred ways of working. But you should also ensure you have technologies in place that will give you granular visibility into and control over users’ activities and the devices that enable them to be most productive.
You can choose to unleash the power and value of your employees’ personal devices without compromising the enterprise’s security with a CASB solution that includes full coverage of APIs and proxy (forward and reverse) support. Because Forcepoint CASB supports multiple deployment modes, your security team can choose one that’s best for cloud application performance, employees’ needs, and the organization’s business processes.
To learn more, check out Cloud Control: Get the Visibility and Control You Need to Secure Data in the Cloud by clicking the link or clicking the Read the Report button in the top right.